Win32 - Get Trusted CA Cert Dir. Get the Trusted Certificate Directory containing the trusted Certificate Authority certificates. This directory is determined in the order shown below. Failure in one method results in attempting the next.

1.

X509_CERT_DIR environment variable - if this is set, the trusted certificates will be searched for in that directory. This variable allows the end user to specify the location of trusted certificates.

2.

x509_cert_dir registry key - If this registry key is set on windows, the directory it points to should contain the trusted certificates. The path to the registry key is software\Globus\GSI

3.

\<user home directory>\.globus\certificates - If this directory exists, and the previous methods of determining the trusted certs directory failed, this directory will be used.

4.

Host Trusted Cert Dir - This location is intended to be independent of the globus installation ($GLOBUS_LOCATION), and is generally only writeable by the host system administrator.

Win32 - Get Host Certificate and Key Filenames. Get the Host Certificate and Key Filenames based on the current user's environment. The host cert and key are searched for in the following locations (in order):

Win32 - Get Proxy Filename. Get the proxy cert filename based on the following search order:

1.

X509_USER_PROXY environment variable - This environment variable is set by the at run time for the specific application. If the proxy_file_type variable is set to GLOBUS_PROXY_OUTPUT (a proxy filename for writing is requested), and the X509_USER_PROXY is set, this will be the resulting value of the user_proxy filename string passed in. If the proxy_file_type is set to GLOBUS_PROXY_INPUT and X509_USER_PROXY is set, but the file it points to does not exist, or has some other readability issues, the function will continue checking using the other methods available.

2.

check the registry key: x509_user_proxy. Just as with the environment variable, if the registry key is set, and proxy_file_type is GLOBUS_PROXY_OUTPUT, the string set to be the proxy filename will be this registry key's value. If proxy_file_type is GLOBUS_PROXY_INPUT, and the file doesn't exist, the function will check the next method for the proxy's filename.

3.

Check the default location for the proxy file. The default location should be set to reside in the temp directory on that host, with the filename taking the format: x509_u<user id> where <user id> is some unique string for that user on the host

Parameters:

user_proxy the proxy filename of the user proxy_file_type Switch for determining whether to return a existing proxy filename or if a filename suitable for creating a proxy should be returned

Win32 - Get Service Certificate and Key Filenames. Get the Service Certificate Filename based on the current user's environment. The host cert and key are searched for in the following locations (in order):

1.

X509_USER_CERT and X509_USER_KEY environment variables

2.

registry keys x509_user_cert and x509_user_key in software\Globus\GSI

3.

GLOBUS_LOCATION\etc\{service_name}\{service_name}[cert|key].pem So for example, if my service was named: myservice, the location of the certificate would be: <GLOBUS_LOCATION>\etc\myservice\myservicecert.pem

4.

<users home>\.globus\{service_name}\{service_name}[cert|key].pem

Parameters:

service_name The name of the service which allows us to determine the locations of cert and key files to look for service_cert pointer to the host certificate filename service_key pointer to the host key filename

Returns:

GLOBUS_SUCCESS if the service cert and key were found, otherwise an error object identifier

Win32 - Get Signing Policy Filename. Get the Signing Policy Filename on the current system, based on the CA's subject name, and the trusted certificates directory

Parameters:

ca_name The X.509 subject name of the CA to get the signing policy of. The hash of the CA is generated from thiscert_dir The trusted CA certificates directory, containing the singing_policy files of the trusted CAs.signing_policy_filename The resulting singing_policy filename